7 matches found

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2020-2565

Malware in sbrugna...

CVSS 6.5, AI score 6.5, EPSS 0.00405
Exploits 0, References 2
Vulnrichment
added 2025/08/25 4:17 p.m., 2 views

CVE-2025-6737 Securden Unified PAM Shared SSH Key and Cloud Infrastructure

Securden’s Unified PAM Remote Vendor Gateway access portal shares infrastructure and access tokens across multiple tenants. A malicious actor can obtain authentication material and access the gateway server with low-privilege permissions...

CVSS 7.2, AI score 7.5, EPSS 0.00051
Exploits 0, References 1
Veracode
added 2024/04/15 9:37 a.m., 20 views

Insufficient Verification Of Data Authenticity

org.wildfly.security:wildfly-elytron-http-oidc is vulnerable to Insufficient Verification of Data Authenticity. The vulnerability is due to the session token caching logic when an OIDC app serving multiple tenants accesses a new tenant with a different OIDC configuration. This flaw occurs in...

CVSS 7.3, AI score 6.7, EPSS 0.00061
Exploits 0, References 7, Affected Software 1
OSV
added 2024/04/10 3:30 p.m., 26 views

GHSA-JPMX-996V-48FM WildFly Elytron: OIDC app attempting to access the second tenant, the user should be prompted to log

A flaw was found in JBoss EAP. When an OIDC app that serves multiple tenants attempts to access the second tenant, it should prompt the user to log in again since the second tenant is secured with a different OIDC configuration. The underlying issue is in OidcSessionTokenStore when determining if...

CVSS 7.3, AI score 6.9, EPSS 0.00061
Exploits 0, References 8
NVD
added 2024/04/10 1:15 a.m., 18 views

CVE-2023-6236

A flaw was found in Red Hat Enterprise Application Platform 8. When an OIDC app that serves multiple tenants attempts to access the second tenant, it should prompt the user to log in again since the second tenant is secured with a different OIDC configuration. The underlying issue is in...

CVSS 7.3, AI score 7, EPSS 0.00061
Exploits 0, References 5
CVE
added 2024/04/10 1:4 a.m., 105 views

CVE-2023-6236

CVE-2023-6236 affects Red Hat JBoss Enterprise Application Platform 8 (OIDC multi-tenant scenario). The root cause is in OidcSessionTokenStore: when deciding whether to reuse a cached token, it must also consider the new provider-url option in addition to realm; without this, an app serving multi...

CVSS 7.3, AI score 6.9, EPSS 0.00061
Exploits 0, References 5
The Hacker News
added 2023/07/10 11:35 a.m., 56 views

Global Retailers Must Keep an Eye on Their SaaS Stack

Brick-and-mortar retailers and e-commerce sellers may be locked in a fierce battle for market share, but one area both can agree on is the need to secure their SaaS stack. From communications tools to order management and fulfillment systems, much of today's critical retail software lives in SaaS...

CVSS 9.8, AI score 6.6, EPSS 0.9212
Exploits 9